I want to allow port 3389 (RDP) only through a VPN connection, not normally. How can I do this?
I have configured a VPN server on the Mikrotik. I have blocked all traffic except HTTP and HTTPS with a firewall filter. I allowed 3389 with a filter rule, and right now other systems (outside of our network) are able to RDP to our intranet systems regardless of the VPN. I mean the laptop (a client outside of our network) is able to RDP with or without the VPN client. I need the client to connect to the Mikrotik's VPN server and then RDP to the intranet system; otherwise it should be disconnected.
How do I block other RDP connections except RDP over VPN?
Right now:
 --------     pptp tunnel    ------------         ----------
|        |   ============   |            |       |          |
|laptop  |  --------------  |  Mikrotik  |-------| system A |
|        |   ============   |            |       |          |
|        |  --------------  |   router   |-------|          |
 --------                   |            |        ----------
                             ------------
I want:
 --------     pptp tunnel    ------------         ----------
|        |   ============   |            |       |          |
|laptop  |  --------------  |  Mikrotik  |-------| system A |
|        |   ============   |            |       |          |
|        |                  |   router   |       |          |
 --------                   |            |        ----------
                             ------------